Package net.devh.boot.grpc.client.config

Class GrpcChannelProperties.Security

java.lang.Object
net.devh.boot.grpc.client.config.GrpcChannelProperties.Security
Enclosing class:
GrpcChannelProperties
public static class GrpcChannelProperties.Security extends Object
A container with options for the channel's transport security.

  • Constructor Details

    • Security

      public Security()

  • Method Details

    • isClientAuthEnabled

      public boolean isClientAuthEnabled()
      Gets whether client can authenticate using certificates.
      Returns:
      True, if the client can authenticate itself using certificates.
      See Also:

    • setClientAuthEnabled

      public void setClientAuthEnabled(Boolean clientAuthEnabled)
      Set whether client can authenticate using certificates. Defaults to false.
      Parameters:
      clientAuthEnabled - Whether the client can authenticate itself using certificates.

    • getCertificateChain

      public Resource getCertificateChain()
      Gets the resource containing the SSL certificate chain.
      Returns:
      The certificate chain resource or null, if security is not enabled.
      See Also:

    • setCertificateChain

      public void setCertificateChain(Resource certificateChain)
      Sets the resource containing the SSL certificate chain. Required if isClientAuthEnabled() is true. The linked certificate will be used to authenticate the client.
      Parameters:
      certificateChain - The certificate chain.
      See Also:
      • SslContextBuilder.keyManager(InputStream, InputStream, String)

    • getPrivateKey

      public Resource getPrivateKey()
      Gets resource containing the private key.
      Returns:
      The private key resource or null, if security is not enabled.
      See Also:

    • setPrivateKey

      public void setPrivateKey(Resource privateKey)
      Sets the resource containing the private key. Required if isClientAuthEnabled() is true.
      Parameters:
      privateKey - The private key resource.
      See Also:
      • SslContextBuilder.keyManager(InputStream, InputStream, String)

    • getPrivateKeyPassword

      public String getPrivateKeyPassword()
      Gets the password for the private key.
      Returns:
      The password for the private key or null, if the private key is not set or not encrypted.
      See Also:

    • setPrivateKeyPassword

      public void setPrivateKeyPassword(String privateKeyPassword)
      Sets the password for the private key.
      Parameters:
      privateKeyPassword - The password for the private key.
      See Also:
      • SslContextBuilder.keyManager(File, File, String)

    • getKeyStoreFormat

      public String getKeyStoreFormat()
      The format of the keyStore.

      Possible values includes:

      • AUTODETECT (default)
      • JKS (.jks)
      • PKCS12 (.p12)
      • any supported KeyStore format
      • Fallback to KeyStore#getDefaultType()
      Returns:
      The key store format to use.

    • setKeyStoreFormat

      public void setKeyStoreFormat(String keyStoreFormat)
      The format of the keyStore.

      Possible values includes:

      • AUTODETECT (default)
      • JKS (.jks)
      • PKCS12 (.p12)
      • any supported KeyStore format
      • Fallback to KeyStore#getDefaultType()
      Parameters:
      keyStoreFormat - The key store format to use

    • getKeyStore

      public Resource getKeyStore()
      The resource containing the key store. Cannot be used in conjunction with privateKey.
      Returns:
      The key store resource or null.

    • setKeyStore

      public void setKeyStore(Resource keyStore)
      The resource containing the key store. Cannot be used in conjunction with privateKey.
      Parameters:
      keyStore - The key store resource.

    • getKeyStorePassword

      public String getKeyStorePassword()
      Password for the key store. Use is combination with keyStore.
      Returns:
      The password for the key store or null.

    • setKeyStorePassword

      public void setKeyStorePassword(String keyStorePassword)
      Password for the key store. Use is combination with keyStore.
      Parameters:
      keyStorePassword - The password for the key store.

    • getTrustCertCollection

      public Resource getTrustCertCollection()
      Gets the resource containing the the trusted certificate collection. If null or empty the use the system's default collection should be used.
      Returns:
      The trusted certificate collection resource or null.
      See Also:

    • setTrustCertCollection

      public void setTrustCertCollection(Resource trustCertCollection)
      Sets the resource containing the trusted certificate collection. If not set (null) it will use the system's default collection (Default). This collection will be used to verify server certificates.
      Parameters:
      trustCertCollection - The path to the trusted certificate collection.
      See Also:
      • SslContextBuilder.trustManager(InputStream)

    • getTrustStoreFormat

      public String getTrustStoreFormat()
      The format of the trustStore.

      Possible values includes:

      • AUTODETECT (default)
      • JKS (.jks)
      • PKCS12 (.p12)
      • any supported KeyStore format
      • Fallback to KeyStore#getDefaultType()
      Returns:
      The trust store format to use.

    • setTrustStoreFormat

      public void setTrustStoreFormat(String trustStoreFormat)
      The format of the trustStore.

      Possible values includes:

      • AUTODETECT (default)
      • JKS (.jks)
      • PKCS12 (.p12)
      • any supported KeyStore format
      • Fallback to KeyStore#getDefaultType()
      Parameters:
      trustStoreFormat - The trust store format to use.

    • getTrustStore

      public Resource getTrustStore()
      The resource containing the trust store. Cannot be used in conjunction with trustCertCollection. If neither this nor trustCertCollection is set then the system's trust store will be used.
      Returns:
      The trust store resource or null.

    • setTrustStore

      public void setTrustStore(Resource trustStore)
      The resource containing the trust store. Cannot be used in conjunction with trustCertCollection. If neither this nor trustCertCollection is set then the system's trust store will be used.
      Parameters:
      trustStore - The trust store resource.

    • getTrustStorePassword

      public String getTrustStorePassword()
      Password for the trust store. Use is combination with trustStore.
      Returns:
      The password for the trust store or null.

    • setTrustStorePassword

      public void setTrustStorePassword(String trustStorePassword)
      Password for the trust store. Use is combination with trustStore.
      Parameters:
      trustStorePassword - The password for the trust store.

    • getAuthorityOverride

      public String getAuthorityOverride()
      Gets the authority to check for during server certificate verification.
      Returns:
      The override for the authority to check for or null, there is no override configured.
      See Also:

    • setAuthorityOverride

      public void setAuthorityOverride(String authorityOverride)
      Sets the authority to check for during server certificate verification. By default the clients will use the name of the client to check the server certificate's common + alternative names.
      Parameters:
      authorityOverride - The authority to check for in the certificate, or null to use the default checks.
      See Also:

    • getCiphers

      public List<String> getCiphers()
      Gets the cipher suite accepted for secure connections (in the order of preference).
      Returns:
      The cipher suite accepted for secure connections or null.

    • setCiphers

      public void setCiphers(String ciphers)
      Sets the cipher suite accepted for secure connections (in the order of preference). If not specified (null), then the default suites should be used.
      Parameters:
      ciphers - Cipher suite consisting of one or more cipher strings separated by colons, commas or spaces
      See Also:
      • SslContextBuilder.ciphers(Iterable)

    • getProtocols

      public String[] getProtocols()
      Gets the TLS protocols accepted for secure connections
      Returns:
      The protocols accepted for secure connections or null.

    • setProtocols

      public void setProtocols(String protocols)
      Sets the TLS protocols accepted for secure connections. If not specified (null), then the default ones will be used.
      Parameters:
      protocols - Protocol list consisting of one or more protocols separated by colons, commas or spaces.
      See Also:
      • SslContextBuilder.protocols(String...)

    • copyDefaultsFrom

      public void copyDefaultsFrom(GrpcChannelProperties.Security config)
      Copies the defaults from the given configuration. Values are considered "default" if they are null. Please note that the getters might return fallback values instead.
      Parameters:
      config - The config to copy the defaults from.

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • canEqual

      protected boolean canEqual(Object other)

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object